Overview

File _patchinfo of Package patchinfo.8795

<patchinfo incident="8795">
  <issue tracker="bnc" id="1105443">VUL-1: CVE-2018-1000632: dom4j:  version prior to version 2.1.1 contains a CWE-91: XML Injectionvulnerability in Class: Element. Methods: addElement, addAttribute that canresult in an attacker tampering with XML documents through XML</issue>
  <issue tracker="cve" id="2018-1000632"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pmonrealgonzalez</packager>
  <description>This update for dom4j fixes the following issues:

- CVE-2018-1000632: Prevent XML injection that could have resulted in an
  attacker tampering with XML documents (bsc#1105443).
</description>
  <summary>Security update for dom4j</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places